RIA Year-End Compliance Checklist: Start 2026 On The Right Note

Closing out the quarter, fielding client questions, finalizing budgets, and trying to get a head start on next year. In the middle of that noise, it is too easy for critical compliance tasks to slip to the bottom of the list until the first filing deadline or exam request letter shows up.

This year end checklist is designed to make that work feel structured rather than reactive. It walks through the core items most advisers need to address before Q1 hits: confirming continuing education, capturing year end AUM for your ADV and other filings, completing your annual compliance review, aligning with the SEC’s 2026 exam priorities, training your team, and pressure testing your cybersecurity program.

If you are still juggling spreadsheets, email chains, and shared drives to manage these obligations, this guide will also show how a simple, centralized compliance calendar and portal can reduce the year end scramble and help you start 2026 on the front foot.

Check out RIA Compliance Technology’s Simple Compliance Calendar and Simple Compliance Portal to start 2026 with ease.

How to execute your year end checklist as an RIA:

1. Ensure all your registered people have completed continuing education

Start by pulling a current list of all registered individuals and supervised persons from your HR, licensing, or registration system. Cross check each person against required CE, firm training, and any designation specific requirements. Reach out to anyone with gaps and assign clear deadlines before year end or early Q1. Finally, save proof of completion (certificates, attendance reports, or attestations) in a central location for exam evidence.

2. Prepare for Q1 filings (ADV, Form PF, Form 13F, state financials)

Create a simple filing calendar that lists each form your firm must file, its due date, and the internal owner. Work with finance and operations to lock in your year end AUM, client counts, and any other data that feeds into these filings. Build a small “workback” plan so that data gathering, drafting, review, and final sign off all have target dates. Store final submissions and support in one folder or system so that you can easily demonstrate what was filed and how you arrived at the numbers.

3. Conduct an annual review of the compliance manual, policies, and procedures

Print or export your current compliance manual and highlight every control, review, committee, or certification that it says you perform. For each item, confirm whether it actually occurred this year, who did it, when it happened, and how it was documented. Note any gaps, outdated processes, or areas where the business has changed. Summarise your findings, assign remediation owners and timelines, and save this as your formal annual review record.

4. Review your ADV for accuracy and needed updates

Compare last year’s ADV to how the firm actually operates today. Focus on AUM, client types, services, fee arrangements, conflicts, disciplinary history, and financial condition. Confirm that the ADV matches your website, marketing materials, and client agreements so that you are telling a consistent story. Draft updates, route them to the right stakeholders for review, and keep a clean record of comments, approvals, and final filed versions.

5. Review the SEC’s exam priorities for 2026

Download or print the SEC Division of Examinations’ priorities and read through the sections that apply to advisers. Make a simple table with two columns: “Exam Priority” and “What we do today.” For each priority, note whether you already have a policy, testing, and documentation in place, or whether it is a gap. Turn any gaps into 2026 projects with clear owners and due dates, and track them in your compliance plan or calendar.

6. Conduct compliance training for your team

List the core topics that need to be covered at least annually, such as code of ethics, personal trading, gifts and entertainment, conflicts, and cybersecurity awareness. Decide on the format (live session, webinar, or e-learning) and schedule dates that work for all relevant staff. Send invites, track attendance, and collect attestations that employees have received and understood the training. Save slide decks, recordings, sign in sheets, and attestations together so that you can quickly produce them during an exam.

7. Consider a mock audit

Decide whether you want a full scope mock exam or a focused review on one or two higher risk areas such as fees, marketing, or trading. Choose an internal team or external consultant to perform the review, and agree the scope, document request list, and timeline up front. Treat the exercise like a real exam: provide documents, answer questions, and walk through your processes. When you receive the findings, prioritise them, assign remediation tasks, and follow up until each action item is closed and documented.

8. Review your cybersecurity program

Start by locating your current written information security program, incident response plan, and any cyber related policies. Confirm that they reflect your actual technology stack, vendors, and business processes, and update them for any changes in the past year. Review user access lists, multi factor authentication, off boarding procedures, and vendor due diligence files to ensure they are up to date. Finally, test at least one scenario, such as a phishing simulation or backup recovery test, and document what you learned and what you will improve next year.

Check out RIA Compliance Technology’s Simple Compliance Calendar and Simple Compliance Portal to start 2026 with ease.